[转载]A Survey of Border Gateway Protocol (BGP) Security

信息来源：邪恶八进制信息安全团队（www.eviloctal.com）

The Border Gateway Protocol (BGP) is the de facto interdomain routing protocol of the Internet. Although the performance BGP has been historically acceptable, there are mounting concerns about its ability to meet the needs of the rapidly evolving Internet. A central limitation of BGP is its failure to adequately address security. Recent outages and security analyses clearly indicate that the Internet routing infrastructure is highly vulnerable. Moreover, the design and ubiquity of BGP has frustrated past e orts at securing interdomain routing. This paper considers the vulnerabilities of existing interdomain routing and surveys works relating to BGP security. The limitations and advantages of proposed solutions are explored, and the systemic and operational implications of their design considered. We centrally note that no current solution has yet found an adequate balance between comprehensive security and deployment cost. This work calls not only for the application of ideas described within this paper, but also for further introspection on the problems and solutions of BGP security.